Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/Fe7uHk9u40_jNRGrC3nW6harDMg.roa
File: Fe7uHk9u40_jNRGrC3nW6harDMg.roa (raw, json)
Hash identifier: Es8wQl9RsGP2RKff96HG+AixU62lDbkaw0m12lyaH28=
Subject key identifier: 15:EE:EE:1E:4F:6E:E3:4F:E3:35:11:AB:0B:79:D6:EA:16:AB:0C:C8
Certificate issuer: /CN=a24e523f304e22eae8cff880d8388493c5a01178
Certificate serial: 018CC56E96C86CCCBF0F9E6F9ABDAF9C3AA6
Authority key identifier: A2:4E:52:3F:30:4E:22:EA:E8:CF:F8:80:D8:38:84:93:C5:A0:11:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok5SPzBOIuroz_iA2DiEk8WgEXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/Fe7uHk9u40_jNRGrC3nW6harDMg.roa
Signing time: Mon 01 Jan 2024 14:30:08 +0000
ROA not before: Mon 01 Jan 2024 14:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48662
IP address blocks: 45.89.0.0/22 maxlen: 24
2a0a:4a00::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Jul 2024 11:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:96:c8:6c:cc:bf:0f:9e:6f:9a:bd:af:9c:3a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24e523f304e22eae8cff880d8388493c5a01178
Validity
Not Before: Jan 1 14:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15eeee1e4f6ee34fe33511ab0b79d6ea16ab0cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ec:a2:f9:0d:c9:7d:71:37:f2:e9:3e:64:41:
3b:21:4e:27:e4:19:b8:cd:1d:26:f4:14:49:8e:f9:
30:be:b1:d4:67:52:9f:b5:56:e8:b6:f3:38:7d:4c:
ef:95:70:02:c0:fc:7c:3f:b7:64:df:94:a5:5f:65:
8b:fc:6d:c1:5b:b4:d2:a2:d5:e4:e0:e6:fa:26:ea:
cc:3d:ec:e2:0b:0f:3e:64:19:70:d8:0f:90:49:9e:
dd:af:5a:f9:6f:67:55:22:e3:86:a3:d2:88:4e:ae:
cf:19:14:28:ab:dc:97:f1:61:90:ab:d8:83:70:5f:
a9:ca:d7:c0:db:e0:6f:55:07:38:d8:e6:ca:ca:06:
2d:4c:c0:55:df:72:09:ad:b3:88:28:e1:ff:0a:29:
a5:1a:e7:5e:9c:44:f2:31:61:27:49:7e:64:a0:7c:
9a:6f:35:d2:cc:d3:5a:0f:c3:2e:b1:b0:cb:1c:f2:
3c:81:da:ca:3b:b1:d6:76:a1:98:fe:60:46:b7:9a:
b2:c1:b8:fe:e8:ab:db:b8:bb:f9:ea:fc:47:01:f7:
97:24:02:8d:e6:0a:d8:40:d1:e6:4d:98:fd:df:15:
c2:90:08:65:6c:80:73:51:ac:8c:29:28:5b:bf:df:
ee:b5:c0:67:8d:3b:73:2a:82:54:29:c8:f4:20:59:
d7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EE:EE:1E:4F:6E:E3:4F:E3:35:11:AB:0B:79:D6:EA:16:AB:0C:C8
X509v3 Authority Key Identifier:
keyid:A2:4E:52:3F:30:4E:22:EA:E8:CF:F8:80:D8:38:84:93:C5:A0:11:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok5SPzBOIuroz_iA2DiEk8WgEXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/Fe7uHk9u40_jNRGrC3nW6harDMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/ok5SPzBOIuroz_iA2DiEk8WgEXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.0.0/22
IPv6:
2a0a:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
9d:9d:99:5f:d2:3d:d3:69:8e:b7:cc:9b:69:25:6e:8b:05:45:
83:54:a8:5f:71:55:62:5a:df:5b:cb:56:ce:10:20:6e:50:05:
8b:da:97:36:8b:3e:f0:fc:3c:5f:9d:24:67:bd:a4:92:cc:61:
95:af:fb:9f:5b:ac:9d:9e:00:6a:64:04:c8:c9:2b:1f:40:58:
9d:70:6c:c1:ce:d0:d1:79:58:2b:d5:ca:af:de:f4:d2:9f:90:
4e:50:9b:a3:f5:8c:dc:38:cb:ad:8e:c7:d2:41:ac:c1:6d:97:
08:51:5b:73:ed:8a:4f:19:b8:3b:15:f5:ad:e5:be:a5:02:cc:
f7:2d:d3:13:28:e6:28:51:f5:b1:e2:83:7e:a3:8e:29:ef:a0:
27:6a:f9:7b:03:dd:0b:31:07:15:47:da:e8:2c:de:8f:b8:76:
29:f1:61:c6:cb:80:ab:b0:96:ea:41:b3:54:0b:f7:26:2f:cc:
3d:14:c3:fc:c7:9a:8e:69:bf:a4:17:3c:c0:55:4d:25:df:7f:
ad:55:92:73:60:f0:6c:53:4e:5e:ea:19:62:a6:11:a0:8b:76:
31:b6:e8:40:b6:ff:6f:51:07:c5:fc:0c:97:29:51:15:d8:04:
b5:1a:6e:41:0d:ce:ac:8c:eb:2a:04:b9:c3:ec:5e:df:d0:dd:
3d:e1:8e:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbpbIbMy/D55vmr2vnDqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGU1MjNmMzA0ZTIyZWFlOGNmZjg4MGQ4Mzg4NDkzYzVh
MDExNzgwHhcNMjQwMTAxMTQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWVlZWUxZTRmNmVlMzRmZTMzNTExYWIwYjc5ZDZlYTE2YWIwY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+yi+Q3JfXE38uk+ZEE7IU4n5Bm4
zR0m9BRJjvkwvrHUZ1KftVbotvM4fUzvlXACwPx8P7dk35SlX2WL/G3BW7TSotXk
4Ob6JurMPeziCw8+ZBlw2A+QSZ7dr1r5b2dVIuOGo9KITq7PGRQoq9yX8WGQq9iD
cF+pytfA2+BvVQc42ObKygYtTMBV33IJrbOIKOH/CimlGudenETyMWEnSX5koHya
bzXSzNNaD8MusbDLHPI8gdrKO7HWdqGY/mBGt5qywbj+6KvbuLv56vxHAfeXJAKN
5grYQNHmTZj93xXCkAhlbIBzUayMKShbv9/utcBnjTtzKoJUKcj0IFnXrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBXu7h5PbuNP4zURqwt51uoWqwzIMB8GA1UdIwQY
MBaAFKJOUj8wTiLq6M/4gNg4hJPFoBF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2s1U1B6Qk9JdXJvel9pQTJEaUVrOFdnRVhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wZWUwMTItYmE3Yi00NjA2LTlkN2Mt
YzRhY2U0ZjgzNGI1LzEvRmU3dUhrOXU0MF9qTlJHckMzblc2aGFyRE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wZWUwMTItYmE3Yi00NjA2LTlkN2MtYzRhY2U0ZjgzNGI1
LzEvb2s1U1B6Qk9JdXJvel9pQTJEaUVrOFdnRVhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVkAMA0E
AgACMAcDBQMqCkoAMA0GCSqGSIb3DQEBCwUAA4IBAQCdnZlf0j3TaY63zJtpJW6L
BUWDVKhfcVViWt9by1bOECBuUAWL2pc2iz7w/DxfnSRnvaSSzGGVr/ufW6ydngBq
ZATIySsfQFidcGzBztDReVgr1cqv3vTSn5BOUJuj9YzcOMutjsfSQazBbZcIUVtz
7YpPGbg7FfWt5b6lAsz3LdMTKOYoUfWx4oN+o44p76Anavl7A90LMQcVR9roLN6P
uHYp8WHGy4CrsJbqQbNUC/cmL8w9FMP8x5qOab+kFzzAVU0l33+tVZJzYPBsU05e
6hliphGgi3YxtuhAtv9vUQfF/AyXKVEV2AS1Gm5BDc6sjOsqBLnD7F7f0N094Y6L
-----END CERTIFICATE-----
Generated at Fri Jul 19 14:02:00 2024 by rpki-client on console-ams.rpki-client.org